diff options
author | Vlad Yasevich <vladislav.yasevich@hp.com> | 2006-01-17 11:55:57 -0800 |
---|---|---|
committer | Sridhar Samudrala <sri@us.ibm.com> | 2006-01-17 11:55:57 -0800 |
commit | 313e7b4d2588539e388d31c1febd50503a0083fc (patch) | |
tree | aa39d488fbb9f3ad48afdec3ef48b49f6fb4a197 /net/sctp | |
parent | 8116ffad4180b39d7a755345c1fde09da83930c0 (diff) | |
download | linux-3.10-313e7b4d2588539e388d31c1febd50503a0083fc.tar.gz linux-3.10-313e7b4d2588539e388d31c1febd50503a0083fc.tar.bz2 linux-3.10-313e7b4d2588539e388d31c1febd50503a0083fc.zip |
[SCTP]: Fix machine check/connection hang on IA64.
sctp_unpack_cookie used an on-stack array called digest as a result/out
parameter in the call to crypto_hmac. However, hmac code
(crypto_hmac_final)
assumes that the 'out' argument is in virtual memory (identity mapped
region)
and can use virt_to_page call on it. This does not work with the on-stack
declared digest. The problems observed so far have been:
a) incorrect hmac digest
b) machine check and hardware reset.
Solution is to define the digest in an identity mapped region by
kmalloc'ing
it. We can do this once as part of the endpoint structure and re-use it
when
verifying the SCTP cookie.
Signed-off-by: Vlad Yasevich <vladislav.yasevich@hp.com>
Signed-off-by: Sridhar Samudrala <sri@us.ibm.com>
Diffstat (limited to 'net/sctp')
-rw-r--r-- | net/sctp/sm_make_chunk.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/net/sctp/sm_make_chunk.c b/net/sctp/sm_make_chunk.c index 4fe1d6c863b..5e0de3c0eea 100644 --- a/net/sctp/sm_make_chunk.c +++ b/net/sctp/sm_make_chunk.c @@ -1359,7 +1359,7 @@ struct sctp_association *sctp_unpack_cookie( struct sctp_signed_cookie *cookie; struct sctp_cookie *bear_cookie; int headersize, bodysize, fixed_size; - __u8 digest[SCTP_SIGNATURE_SIZE]; + __u8 *digest = ep->digest; struct scatterlist sg; unsigned int keylen, len; char *key; |